From 0d01731abc0390a1d63795a3883b28bae150c727 Mon Sep 17 00:00:00 2001
From: Sebastian Stauch <33413223+sebidude@users.noreply.github.com>
Date: Tue, 27 Sep 2022 21:12:02 +0200
Subject: [PATCH] added sidecarContainers (#48)

* added sidecarContainers

Signed-off-by: Sebastian Stauch <dev@iostat.de>

* documentation for sidecars

Signed-off-by: Sebastian Stauch <dev@iostat.de>

* bump chart version to 3.9.1

Signed-off-by: Sebastian Stauch <dev@iostat.de>

* Possibility to use named port from sidecar in service

Signed-off-by: Sebastian Stauch <dev@iostat.de>

* use named port when service type is NodePort

Signed-off-by: Sebastian Stauch <dev@iostat.de>

* removed trailing spaces and malformed comments

Signed-off-by: Sebastian Stauch <dev@iostat.de>

Signed-off-by: Sebastian Stauch <dev@iostat.de>
---
 src/chartmuseum/Chart.yaml                |  2 +-
 src/chartmuseum/README.md                 |  1 +
 src/chartmuseum/templates/deployment.yaml |  6 ++++++
 src/chartmuseum/templates/service.yaml    |  7 ++++++-
 src/chartmuseum/values.yaml               | 23 +++++++++++++++++++++++
 5 files changed, 37 insertions(+), 2 deletions(-)

diff --git a/src/chartmuseum/Chart.yaml b/src/chartmuseum/Chart.yaml
index 8ff9316..87f2ae7 100644
--- a/src/chartmuseum/Chart.yaml
+++ b/src/chartmuseum/Chart.yaml
@@ -1,7 +1,7 @@
 apiVersion: v2
 description: Host your own Helm Chart Repository
 name: chartmuseum
-version: 3.9.0
+version: 3.9.1
 appVersion: 0.15.0
 home: https://github.com/helm/chartmuseum
 icon: https://raw.githubusercontent.com/chartmuseum/charts/main/logo.jpg
diff --git a/src/chartmuseum/README.md b/src/chartmuseum/README.md
index 36ce53e..40985c5 100644
--- a/src/chartmuseum/README.md
+++ b/src/chartmuseum/README.md
@@ -202,6 +202,7 @@ their default values. See values.yaml for all available options.
 | `deployment.labels`                     | Additional labels for deployment                                            | `{}`                                 |
 | `deployment.extraVolumes`               | Additional volumes for deployment                                           | `[]`                                 |
 | `deployment.extraVolumeMounts`          | Additional volumes to mount in container for deployment                     | `[]`                                 |
+| `deployment.sidecarContainers`          | Additional containers to run in the pod                                     | `{}`                                 |
 | `podAnnotations`                        | Annotations for pods                                                        | `{}`                                 |
 | `podLabels`                             | Labels for pods                                                             | `{}`                                 |
 | `ingress.enabled`                       | Enable ingress controller resource                                          | `false`                              |
diff --git a/src/chartmuseum/templates/deployment.yaml b/src/chartmuseum/templates/deployment.yaml
index 19da0e7..554739d 100644
--- a/src/chartmuseum/templates/deployment.yaml
+++ b/src/chartmuseum/templates/deployment.yaml
@@ -151,6 +151,12 @@ spec:
         - name: public-key
           mountPath: /var/keys
           readOnly: true
+{{- end }}
+{{- if .Values.deployment.sidecarContainers }}
+{{- range $name, $spec :=  .Values.deployment.sidecarContainers }}
+      - name: {{ $name }}
+{{- toYaml $spec | nindent 8 }}
+{{- end }}
 {{- end }}
       {{- with .Values.resources }}
         resources:
diff --git a/src/chartmuseum/templates/service.yaml b/src/chartmuseum/templates/service.yaml
index 9c474d2..f5b9c0c 100644
--- a/src/chartmuseum/templates/service.yaml
+++ b/src/chartmuseum/templates/service.yaml
@@ -34,10 +34,15 @@ spec:
   - port: {{ .Values.service.externalPort }}
 {{- if (and (eq .Values.service.type "NodePort") (not (empty .Values.service.nodePort))) }}
     nodePort: {{.Values.service.nodePort}}
+{{- end }}
+{{- if .Values.service.targetPort }}
+    targetPort: {{ .Values.service.targetPort }}
+    name: {{ .Values.service.targetPort }}
 {{- else }}
     targetPort: http
+    name: http
 {{- end }}
     protocol: TCP
-    name: http
+    
   selector:
     {{- include "chartmuseum.selectorLabels" . | nindent 4 }}
diff --git a/src/chartmuseum/values.yaml b/src/chartmuseum/values.yaml
index 96f91ed..e6fd0ec 100644
--- a/src/chartmuseum/values.yaml
+++ b/src/chartmuseum/values.yaml
@@ -129,8 +129,27 @@ deployment:
   #   name: value
   # additional volumes
   extraVolumes: []
+  #  - name: nginx-config
+  #    secret:
+  #      secretName: nginx-config
   # additional volumes to mount
   extraVolumeMounts: []
+  ## sidecarContainers for the Chartmuseum
+  # Can be used to add a proxy to the pod that does
+  # scanning for secrets, signing, authentication, validation
+  # of the chart's content, send notifications...
+  sidecarContainers: {}
+  ## Example sidecarContainer which uses an extraVolume from above and
+  ## a named port that can be referenced in the service as targetPort.
+  #  proxy:
+  #    image: nginx:latest
+  #    ports:
+  #      - name: proxy
+  #        containerPort: 8081
+  #    volumeMounts:
+  #      - name: nginx-config
+  #        readOnly: true
+  #        mountPath: /etc/nginx
 
 ## Pod annotations
 ## ref: https://kubernetes.io/docs/concepts/overview/working-with-objects/annotations/
@@ -156,6 +175,10 @@ service:
   loadBalancerSourceRanges: []
   # clusterIP: None
   externalPort: 8080
+  ## targetPort of the container to use. If a sidecar should handle the
+  ## requests first, use the named port from the sidecar. See sidecar example
+  ## from deployment above. Leave empty to use chartmuseum directly.
+  targetPort:
   nodePort:
   annotations: {}
   labels: {}